School Networks
School Wi-FI is available to students of Year 9 to Year 12. A form with basic guidelines and rules of using the devices is required to be signed by the student and the student's parent for the network to be accessible by the student. Each student can only register one device. The form is given at the start of every year. The school purchases a 1GBps plan from HKBN. According to an ICT project in 2016 that interviewed an ICT technician, it has been estimated that 1246 GB of data passes around the network. The technician stated that they will not be upgrading to Windows 10 due to the instability and bugs. The school network is based on two IP layers: the 'Staff' layer (10.30.10.0-10.30.14.255, 10.30.11.0-255) and the 'Others' layer (192.168.0.0-192.168.255.255) The network login page is 'https://10.30.11.1/user/user_login_auth.jsp', powered by Ruckus Wireless. There are several Wi-Fi access points around the school. Each Wi-Fi Access Point broadcasts around 4-5 ESSIDs, for example, an AP in Classroom 9C broadcasts CKY-Staff, CKY-Stu_Y09a and CKY-Janitors. The majority of the access points have WPA2-TKIP Personal Security. SSIDs are also hidden, which means users must know both the SSID and the passwords of it. These APs uses whitelists, or MAC authentication, which requires you to have the correct MAC Address to connect to the network. After entering the APs' local network, authenticiation is required for further Internet access. Networks available in the school and their purposes include: *'Lib-WIN:' used for Library dual-boot Mac computers running Windows 7 Professional *'Lib-MAC:' used for Library dual-boot Mac computers running MacOS *'CKY1:' believed to be used for testing purposes on the fourth floor *'CKY-E:' for an unknown purpose *'CKY-STEM:' used by the STEM Room on the fifth floor *'CKY-Stu_Y09a:' primary network used by Year 9 students, with APs scattered all over the school and particularly concentrated in Year 9 classrooms *'CKY-Stu_Y09b:' secondary backup Wi-Fi broadcasted in 9A, 9C, 9E classroom APs only (it is currently inaccessible) *'CKY-Stu_Y10a:' primary network used by Year 10 students–the signal strength of the Year 10 Wi-Fi network is significantly weaker on the fourth floor and the fifth floor *'CKY-Stu_Y10b:' deprecated network to be deleted (initially accessible, later closed and only detected in classrooms 10C and 10D) *'CKY-Stu_Y11:' network rarely detected out of all. *'CKY-Stu_Y12:' network APs scattered all over the school, including 2/F language labs. *'CKY-Mobilelab:' network used for mobile laptops only. Signal strength is weak when outside of the Library (-89dB) *'CKY-PANEL:' for an unknown purpose, possibly for CCTV systems. *'CKY-Janitor:' a network used by janitors, signals are especially strong at the janitor's rooms on each floor *'CKY-Chromebook:' a network used by Chromebooks–signal strength is moderately bad, issues always arise (the Library has an extremely strong signal (up to -45 dB in places)) *'CKY-Instrument:' a network presumably used by instrument teachers Other access point(s) have no security (open network(s)), including: *'CKY-Staff:' used by both primary and secondary staff, uses 802.11abg, ac and x on Channel 1 (2412MHz, with least interference) The WLAN network has high interference, where many SSIDs overlap on Channels 10-13. It is the main reason for many packet losses for students using the Wi-Fi. The school network has very weak security. IP scanning can discover massive vulnerabilities, for example, the windows-based storage hard drives on 192.168.0.5. Printers connected to the LAN at the 'staff' layer could be vulnerable. All servers are also connected to the same network. However, it is believed that a separate surveliance camera network is set up, which can probably only be accessed by security and IT technicians. Due to the constant down service on the WLAN network, many students tend to switch on their mobile phones and setup their own APs. Trivia It has been famously known for the gateway of 192.168.255.254 and 192.168.255.255 to block gaming websites and other websites. Therefore, it has been a tradition for students at CKY to use proxies or VPNs, along with MAC address changers, to bypass filtering and avoid detection. On 15/4/2019, the IT technicians team set up a trap for students. Since the username and password of a teacher were leaked (also known as 'dramatemp'), many students gained access to the internet without registering. However, people who logged on using 'dramatemp' accounts had their own accounts immediately banned, in which almost half of the students of Year 8 and 9 was affected at that time. Category:Non-Structures